Welcome to MSDN Blogs Sign in | Join | Help

June 2007 - Posts

Threat Profile and "Composite Threat"

Threat profile is a very interesting concept that identifies the complete set of threats in a given application context. The Threat Analysis and Modeling (TAM) tool generates a threat profile using an inclusive methodology; in other words, it uses the Read More...
Posted Tuesday, June 19, 2007 11:49 AM by rvanil | 2 Comments

Create a good threat model in 10 simple steps

How can I get a great and secure product without killing myself? This is not just a question for how-to diet magazines; it’s a legitimate business problem. I teach the ACE Threat Modeling class (First Wednesday of every month!), and that is the question Read More...
Posted Monday, June 18, 2007 2:11 PM by rvanil | 2 Comments

Rich Internet Applications - The New Security Frontier

In the past we have been relying on the web browser to provide/restrict the user interface for interacting with applications on the Internet. As security teams slowly work to fix the usual SQL Injection, XSS, Input validation attacks there is a whole Read More...
Posted Monday, June 18, 2007 6:15 PM by MJD | 2 Comments
 
Page view tracker